[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

254492

 
 

909

 
 

198437

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15207 Download | Alert*

The Direct Rendering Manager subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager objects, which allows context-dependent attackers to cause a denial of service via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.

The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.

The host is installed with libevent in RHEL 6 or 7 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle an excessively long input. Successful exploitation could allow attackers to crash the service.

The host is installed with IBM Lotus Domino 8.5.x through 8.5.3 and is prone to open redirect vulnerability. A flaw is present in the application, which fails to properly handle the Web server component. Successful exploitation allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

The host is installed with IBM Tivoli Directory Server (TDS) 6.1 before 6.1.0.47 or 6.2 before 6.2.0.22 or 6.3 before 6.3.0.11 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed LDAP paged search request. Successful exploitation allows remote attackers to cause the application to crash.

The host is installed with IBM Tivoli Directory Server 6.2 before 6.2.0.3-TIV-ITDS-IF0004 and is prone to a security bypass vulnerability. A flaw is present in the Web Administration Tool, which fails to prevent auto completion of passwords in IDSWebApp login page. Successful exploitation could allow an attacker to bypass security and obtain access to an unattended workstation.

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.phpfilter[Query][terms][0][cnj] parameter.

ARM Trusted Firmware-A allows information disclosure.

An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34277115.

FreeCol version <= nightly-2018-08-22 contains a XML External Entity vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Freecol file.


Pages:      Start    1489    1490    1491    1492    1493    1494    1495    1496    1497    1498    1499    1500    1501    1502    ..   1520

© SecPod Technologies